From 0271f48ab1d9f7e8878e73eb654219ac3316f74c Mon Sep 17 00:00:00 2001 From: Justin Smith Date: Thu, 10 Oct 2024 09:05:50 -0400 Subject: [PATCH] Check flag support before adding --- aws-lc-fips-sys/Cargo.toml | 1 + aws-lc-fips-sys/builder/cmake_builder.rs | 28 +++++++++++++++++++----- aws-lc-sys/builder/cc_builder.rs | 20 ++++++++++------- 3 files changed, 36 insertions(+), 13 deletions(-) diff --git a/aws-lc-fips-sys/Cargo.toml b/aws-lc-fips-sys/Cargo.toml index 4fa219bc687..93a76dba3e9 100644 --- a/aws-lc-fips-sys/Cargo.toml +++ b/aws-lc-fips-sys/Cargo.toml @@ -63,6 +63,7 @@ bindgen = ["dep:bindgen"] # Generate the bindings on the targetted platform as a cmake = "0.1.48" dunce = "1.0" fs_extra = "1.3" +cc = "1.0.100" [target.'cfg(all(any(target_arch = "x86_64", target_arch = "aarch64"), any(target_os = "linux", target_os = "macos"), any(target_env = "gnu", target_env = "musl", target_env = "")))'.build-dependencies] bindgen = { version = "0.69.2", optional = true } diff --git a/aws-lc-fips-sys/builder/cmake_builder.rs b/aws-lc-fips-sys/builder/cmake_builder.rs index e8da2da940e..0b4d0f7cdef 100644 --- a/aws-lc-fips-sys/builder/cmake_builder.rs +++ b/aws-lc-fips-sys/builder/cmake_builder.rs @@ -102,11 +102,29 @@ impl CmakeBuilder { cmake_cfg.define("CMAKE_BUILD_TYPE", "relwithdebinfo"); } else { cmake_cfg.define("CMAKE_BUILD_TYPE", "release"); - if target_family() == "unix" || target_env() == "gnu" { - cmake_cfg.cflag(format!( - "-ffile-prefix-map={}=", - self.manifest_dir.display() - )); + // TODO: Due to the nature of the FIPS build (e.g., its dynamic generation of + // assembly files and its custom compilation commands within CMake), not all + // source paths are stripped from the resulting binary. + emit_warning( + "NOTICE: Build environment source paths might be visible in release binary.", + ); + let parent_dir = self.manifest_dir.parent(); + if parent_dir.is_some() && (target_family() == "unix" || target_env() == "gnu") { + let parent_dir = parent_dir.unwrap(); + let cc_build = cc::Build::new(); + let flag = format!("-ffile-prefix-map={}=", parent_dir.display()); + if let Ok(true) = cc_build.is_flag_supported(&flag) { + emit_warning(&format!("Using flag: {}", &flag)); + cmake_cfg.asmflag(&flag); + cmake_cfg.cflag(&flag); + } else { + let flag = format!("-fdebug-prefix-map={}=", parent_dir.display()); + if let Ok(true) = cc_build.is_flag_supported(&flag) { + emit_warning(&format!("Using flag: {}", &flag)); + cmake_cfg.asmflag(&flag); + cmake_cfg.cflag(&flag); + } + } } } } else if target_os() == "windows" { diff --git a/aws-lc-sys/builder/cc_builder.rs b/aws-lc-sys/builder/cc_builder.rs index 2427b4a9a52..6b00cd1aadd 100644 --- a/aws-lc-sys/builder/cc_builder.rs +++ b/aws-lc-sys/builder/cc_builder.rs @@ -160,15 +160,19 @@ impl CcBuilder { "AWS_LC_SYS_NO_ASM only allowed for debug builds!" ); if compiler.is_like_gnu() || compiler.is_like_clang() { - let file_prefix_map_option = - format!("-ffile-prefix-map={}=", self.manifest_dir.display()); - if let Ok(true) = cc_build.is_flag_supported(&file_prefix_map_option) { - cc_build.flag(file_prefix_map_option); + let flag = format!("-ffile-prefix-map={}=", self.manifest_dir.display()); + if let Ok(true) = cc_build.is_flag_supported(&flag) { + emit_warning(&format!("Using flag: {}", &flag)); + cc_build.flag(flag); } else { - cc_build.flag_if_supported(format!( - "-fdebug-prefix-map={}=", - self.manifest_dir.display() - )); + let flag = format!("-fdebug-prefix-map={}=", self.manifest_dir.display()); + if let Ok(true) = cc_build.is_flag_supported(&flag) { + emit_warning("NOTICE: Build environment source paths might be visible in release binary."); + emit_warning(&format!("Using flag: {}", &flag)); + cc_build.flag(flag); + } else { + emit_warning("NOTICE: Build environment source paths might be visible in release binary."); + } } } }